Old 05-15-2008, 10:07 PM   #3 (permalink)
butlerkj
OS: Win2000


Re: Task manager greyed out, pop-ups

Sorry for the delay; my computer has gotten really bad and it's difficult to access the internet. I keep getting a Microsoft Visual C++ Runtime Library error saying "Buffer overrun detected! Program:C:\WINNT\Explorer.EXE A buffer overrun has been detected which has corrupted the program's internal state. The program cannot safely continue execution and must now be terminated." At this point my PC freezes up completely, and since the Task Manager button is greyed out, I have to restart my computer. Here's a fresh DSS report:

Deckard's System Scanner v20071014.68
Run by Kevin Butler on 2008-05-15 18:40:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kevin Butler.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:56 PM, on 5/15/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINNT\b2new.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\wmsdkns.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\SnapStream Media\Firefly\Firefly.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINNT\system32\wuauclt.exe
C:\PROGRA~1\COMMON~1\SNAPST~1\Common\x10nets.exe
C:\Documents and Settings\Kevin Butler\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\KEVINB~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,C:\WINNT\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {BCA86068-A178-45AE-A05D-EBFD19A43265} - C:\WINNT\system32\urqNDWNH.dll
O2 - BHO: (no name) - {C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8} - C:\WINNT\system32\iifgGYop.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: {721e2b5f-26e5-7a7a-bf04-89cc5a44f7bf} - {fb7f44a5-cc98-40fb-a7a7-5e62f5b2e127} - C:\WINNT\system32\qybjykpk.dll
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O2 - BHO: Microsoft copyright - {FFFFFFFF-BBBB-4146-86FD-A722E8AB3489} - sockins32.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Firefly] C:\Program Files\SnapStream Media\Firefly\Firefly.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKLM\..\Run: [b880c3d9] rundll32.exe "C:\WINNT\system32\lvqwfjio.dll",b
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Beyond TV.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.apple.com.edgesuite....eInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1210551073299
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O20 - Winlogon Notify: iifgGYop - C:\WINNT\SYSTEM32\iifgGYop.dll
O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINNT\b2new.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\SNAPST~1\Common\x10nets.exe

--
End of file - 8028 bytes

-- Files created between 2008-04-15 and 2008-05-15 -----------------------------

2008-05-15 18:40:09 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_638.dat
2008-05-15 17:23:13 98960 --a------ C:\WINNT\system32\qybjykpk.dll
2008-05-15 09:50:10 82960 --a------ C:\WINNT\system32\lvqwfjio.dll
2008-05-15 09:47:11 90304 --a------ C:\WINNT\system32\lnvepyvk.dll
2008-05-14 09:56:37 98928 --a------ C:\WINNT\system32\jewhhrgr.dll
2008-05-14 09:50:10 2048 --a------ C:\WINNT\system32\oajpqhhj.exe
2008-05-14 09:44:17 90208 --a------ C:\WINNT\system32\mkkibxpi.dll
2008-05-13 19:46:29 553548 ---h----- C:\WINNT\ShellIconCache
2008-05-13 09:53:12 98864 --a------ C:\WINNT\system32\eheejsbs.dll
2008-05-13 09:47:10 2048 --a------ C:\WINNT\system32\mqkjddwn.exe
2008-05-13 09:44:10 90176 --a------ C:\WINNT\system32\ndhfepxt.dll
2008-05-12 09:50:10 98896 --a------ C:\WINNT\system32\gkwigkko.dll
2008-05-12 09:47:10 2048 --a------ C:\WINNT\system32\qfldurte.exe
2008-05-12 09:44:10 90176 --a------ C:\WINNT\system32\ttofxqyb.dll
2008-05-11 18:30:08 0 d-------- C:\Program Files\Trend Micro
2008-05-11 18:18:36 0 d-------- C:\WINNT\system32\BITS
2008-05-11 18:05:19 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-11 18:05:10 0 d-------- C:\Program Files\SpywareBlaster
2008-05-11 16:29:10 0 d-------- C:\Program Files\Panda Security
2008-05-11 15:02:17 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_27c.dat
2008-05-11 14:52:15 2822 --a------ C:\WINNT\system32\tmp.reg
2008-05-11 14:28:25 0 d-------- C:\Program Files\SmitfraudFix <SMITFR~1>
2008-05-11 14:25:20 1390255 --a------ C:\Program Files\SmitfraudFix.exe
2008-05-11 14:19:11 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_284.dat
2008-05-11 10:47:21 21504 --a------ C:\WINNT\stcloader.exe
2008-05-11 10:47:19 13568 --a------ C:\WINNT\voiceip.dll
2008-05-11 10:47:19 31232 --a------ C:\WINNT\swin32.dll
2008-05-11 10:47:18 18432 --a------ C:\WINNT\cdsm32.dll
2008-05-11 10:47:18 25856 --a------ C:\WINNT\bokja.exe
2008-05-11 10:47:17 29440 --a------ C:\WINNT\mssvr.exe
2008-05-11 10:47:16 24064 --a------ C:\WINNT\mspphe.dll
2008-05-11 10:47:16 27136 --a------ C:\WINNT\bjam.dll
2008-05-11 10:47:15 22016 --a------ C:\WINNT\2020search2.dll
2008-05-11 10:47:14 22016 --a------ C:\WINNT\2020search.dll
2008-05-11 10:47:07 13824 --a------ C:\WINNT\saiemod.dll
2008-05-11 10:47:06 26368 --a------ C:\WINNT\msapasrc.dll
2008-05-11 10:47:06 25600 --a------ C:\WINNT\msa64chk.dll
2008-05-11 10:47:04 14848 --a------ C:\WINNT\shdocpl.dll
2008-05-11 10:47:03 12544 --a------ C:\WINNT\shdocpe.dll
2008-05-11 10:47:03 22016 --a------ C:\WINNT\ntnut.exe
2008-05-11 10:47:02 15616 --a------ C:\WINNT\winsb.dll
2008-05-11 10:47:02 31744 --a------ C:\WINNT\browserad.dll
2008-05-11 10:47:01 31744 --a------ C:\WINNT\aviwrap32.dll
2008-05-11 10:47:00 10752 --a------ C:\WINNT\avisynthex32.dll
2008-05-11 10:47:00 11008 --a------ C:\WINNT\avifile32.dll
2008-05-11 10:47:00 25600 --a------ C:\WINNT\autodisc32.dll
2008-05-11 10:46:59 11264 --a------ C:\WINNT\audiosrv32.dll
2008-05-11 10:46:59 24320 --a------ C:\WINNT\ati2dvag32.dll
2008-05-11 10:46:59 9216 --a------ C:\WINNT\ati2dvaa32.dll
2008-05-11 10:46:58 21248 --a------ C:\WINNT\athprxy32.dll
2008-05-11 10:46:58 25344 --a------ C:\WINNT\asycfilt32.dll
2008-05-11 10:46:57 16384 --a------ C:\WINNT\asferror32.dll
2008-05-11 10:46:57 30720 --a------ C:\WINNT\apphelp32.dll
2008-05-11 10:46:56 24832 --a------ C:\WINNT\changeurl_30.dll
2008-05-11 09:41:15 1221139 --ahs---- C:\WINNT\system32\HNWDNqru.ini2
2008-05-11 09:41:10 316464 --a------ C:\WINNT\system32\urqNDWNH.dll
2008-05-11 09:37:46 41724 ---hs---- C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
2008-05-11 09:36:13 0 d-------- C:\WINNT\system32\dFrnx06
2008-05-11 09:36:13 0 d-------- C:\Temp
2008-05-11 09:35:59 25728 --a------ C:\WINNT\system32\iifgGYop.dll
2008-05-11 09:35:55 0 d-------- C:\Program Files\QdrDrive
2008-05-11 09:35:21 0 d-------- C:\Documents and Settings\Default User\Application Data\Macromedia
2008-05-11 09:35:09 91563 --a------ C:\WINNT\system32\wmsdkns.exe <Not Verified; Microsoft; XML Media>
2008-05-11 09:35:09 91563 --a------ C:\WINNT\lfn.exe <Not Verified; Microsoft; XML Media>
2008-05-11 09:34:55 25600 --a------ C:\WINNT\b2new.exe
2008-05-09 12:10:08 187904 ---hs---- C:\Program Files\Common Files\Yazzle1552OinAdmin.exe
2008-05-09 11:10:10 229514 --a------ C:\WINNT\system32\000080.exe
2008-05-03 10:48:00 270709 --a------ C:\WINNT\system32\000060.exe
2008-05-01 17:52:43 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_28c.dat


-- Find3M Report ---------------------------------------------------------------

2008-05-11 09:37:46 0 d-a------ C:\Program Files\Common Files
2008-04-01 20:02:39 0 d-------- C:\Program Files\Ahead
2008-04-01 19:58:25 0 d-------- C:\Program Files\Common Files\Ahead
2008-04-01 19:46:36 830293 --a------ C:\WINNT\hpdvd840b_HJ86.exe
2008-02-22 21:59:32 50 --a------ C:\tmp.bat
2008-02-20 20:27:35 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_5c4.dat
2008-02-20 20:11:28 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_e4.dat
2008-02-16 10:47:40 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_540.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BCA86068-A178-45AE-A05D-EBFD19A43265}]
05/11/08 09:41a 316464 --a------ C:\WINNT\system32\urqNDWNH.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8}]
05/11/08 09:36a 25728 --a------ C:\WINNT\system32\iifgGYop.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fb7f44a5-cc98-40fb-a7a7-5e62f5b2e127}]
05/15/08 05:23p 98960 --a------ C:\WINNT\system32\qybjykpk.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-BBBB-4146-86FD-A722E8AB3489}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [06/19/03 01:05p C:\WINNT\system32\mobsync.exe]
"NvCplDaemon"="C:\WINNT\System32\NvCpl.dll" [07/15/04 11:42a]
"TCASUTIEXE"="TCAUDIAG -off" []
"nwiz"="nwiz.exe" [07/15/04 11:42a C:\WINNT\system32\nwiz.exe]
"NvMediaCenter"="C:\WINNT\System32\NvMcTray.dll" [07/15/04 11:42a]
"Firefly"="C:\Program Files\SnapStream Media\Firefly\Firefly.exe" [08/18/04 01:07p]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/29/08 11:37a]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/06/06 06:08p]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/07 02:11a]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/07 08:51p]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/07 05:05p]
"NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe" [07/09/01 11:50a]
"DVDTray"="C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe" [09/03/04 02:58a]
"b880c3d9"="C:\WINNT\system32\lvqwfjio.dll" [05/15/08 09:50a]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [03/01/07 10:37a]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8}"= C:\WINNT\system32\iifgGYop.dll [05/11/08 09:36a 25728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebProxy"= {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINNT\system32\userinit.exe,C:\WINNT\system32\wmsdkns.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgGYop]
iifgGYop.dll 05/11/08 09:36a 25728 C:\WINNT\system32\iifgGYop.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=NVDESK32.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\urqNDWNH

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{66186F05-BBBB-4a39-864F-72D84615C679}]
rundll32 sockins32.dll,InitModule



-- End of Deckard's System Scanner: finished at 2008-05-15 18:42:11 ------------